Page 2 of 15 results (0.011 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution. Gradle Enterprise versiones hasta 2022.2.2, presenta un Control de Acceso Incorrecto que conlleva a una ejecución de código • https://security.gradle.com https://security.gradle.com/advisory/2022-09 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.5EPSS: 1%CPEs: 1EXPL: 3

Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. This may impact those who use `gradlew` on Unix-like systems or use the scripts generated by Gradle in thieir application on Unix-like systems. For this vulnerability to be exploitable, an attacker needs to be able to set the value of particular environment variables and have those environment variables be seen by the vulnerable scripts. This issue has been patched in Gradle 7.2 by removing the use of `eval` and requiring the use of the `bash` shell. • https://github.com/gradle/gradle/security/advisories/GHSA-6j2p-252f-7mw8 https://medium.com/dot-debug/the-perils-of-bash-eval-cc5f9e309cae https://mywiki.wooledge.org/BashFAQ/048 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

In Gradle before version 7.0, on Unix-like systems, the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. Gradle builds could be vulnerable to a local privilege escalation from an attacker quickly deleting and recreating files in the system temporary directory. This vulnerability impacted builds using precompiled script plugins written in Kotlin DSL and tests for Gradle plugins written using ProjectBuilder or TestKit. If you are on Windows or modern versions of macOS, you are not vulnerable. If you are on a Unix-like operating system with the "sticky" bit set on your system temporary directory, you are not vulnerable. • https://docs.gradle.org/7.0/release-notes.html#security-advisories https://github.com/gradle/gradle/pull/15240 https://github.com/gradle/gradle/pull/15654 https://github.com/gradle/gradle/security/advisories/GHSA-89qm-pxvm-p336 https://access.redhat.com/security/cve/CVE-2021-29428 https://bugzilla.redhat.com/show_bug.cgi?id=1949643 • CWE-276: Incorrect Default Permissions CWE-378: Creation of Temporary File With Insecure Permissions CWE-379: Creation of Temporary File in Directory with Insecure Permissions •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1

In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded into the system temporary directory first. Sensitive information contained in these files can be exposed to other local users on the same system. If you do not use the `TextResourceFactory` API, you are not vulnerable. • https://docs.gradle.org/7.0/release-notes.html#security-advisories https://github.com/gradle/gradle/security/advisories/GHSA-fp8h-qmr5-j4c8 https://access.redhat.com/security/cve/CVE-2021-29429 https://bugzilla.redhat.com/show_bug.cgi?id=1949636 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-377: Insecure Temporary File •

CVSS: 7.5EPSS: 0%CPEs: 71EXPL: 0

As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process. Como mitigación para CVE-2020-1945, Apache Ant versión 1.10.8, cambió los permisos de los archivos temporales que creó para que solo el usuario actual pudiera acceder a ellos. Desafortunadamente, la tarea fixcrlf eliminó el archivo temporal y creó uno nuevo sin dicha protección, anulando efectivamente el esfuerzo. • https://github.com/gradle/gradle/security/advisories/GHSA-j45w-qrgf-25vm https://lists.apache.org/thread.html/r107ea1b1a7a214bc72fe1a04207546ccef542146ae22952e1013b5cc%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r1dc8518dc99c42ecca5ff82d0d2de64cd5d3a4fa691eb9ee0304781e%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r2306b67f20c24942b872b0a41fbdc9330e8467388158bcd19c1094e0%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r4ca33fad3fb39d130cda287d5a60727d9e706e6f2cf2339b95729490%40%3Cdev.creadur.apache.org%3E https • CWE-377: Insecure Temporary File CWE-379: Creation of Temporary File in Directory with Insecure Permissions •